LDRA tool suite (CWE Compatible)
In this age of Internet-connected everything, software becomes increasingly vulnerable to security breaches. However, the U.S. Department of Homeland Securityís National Cyber Security Division and the nonprofit MITRE Corporation have created and manage the Common Weakness Enumeration (CWE) Compatibility achievement just earned by LDRA for LDRAís tool suite. CWE is an international-in-scope strategic initiative to identify and formally list core software weaknesses that lead to software security vulnerabilities. CWE also aims to create and foster automated tools capable of preventing, fixing, and identifying such software flaws; thus, LDRAís tool suite ñ including its dynamic and static analysis tools, along with its TBvision and LDRA Testbed ñ falls into lockstep with this goal. To achieve CWE compatibility, LDRA had to synch up the LDRA tool suite with CWE coding rules, which means that the LDRA tool suite can successfully document, reference, and ID the specified software code security weaknesses. Meanwhile, TBvision is an automated code test/analysis tool rendering software source-code transparency and providing monitoring of memory errors, quality metrics, test, and security vulnerabilities. Additionally, the LDRA Testbed serves as a software quality-control tool for verification/validation/test, rendering analyses applicable to further dynamic and static analysis.
- Dynamic and static analysis tools
- TBvision and LDRA Testbed
- Can successfully document, reference, and ID the specified software code security weaknesses
- CWE compatible